# GNU Social

Este guia usa debian wheezy e a [social pirata](https://social.pirata.xyz)

## debian

    sudo apt-get install git mysql-server nginx php5-curl php5-fpm php5-gd php5-intl php5-mysql

## gnu social

    sudo mkdir -p /var/www/git
    sudo chown www-data:www-data /var/www/git
    sudo -u www-data /usr/bin/git clone https://notabug.org/piratas/social.pirata.xyz.git /var/www/git/social.pirata.xyz

## nginx

Conteúdo de /etc/nginx/sites-enabled/social.pirata.xyz.conf

    server {
        listen 80;
        listen [::]:80;
        server_name     social.pirata.xyz;
        rewrite         ^ https://$server_name$request_uri? permanent;
    }
    server {
        listen  80;
        listen  [::]:80;
        server_name     *.social.pirata.xyz;
        return          301     http://social.pirata.xyz$request_uri;
    }
    server {
        listen 443 ssl;
        listen [::]:443 ssl;

        server_name     social.pirata.xyz;

        ssl_certificate         /etc/letsencrypt/live/pirata.xyz/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/pirata.xyz/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/pirata.xyz/chain.pem;
        ssl_protocols                   TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers       on;
        ssl_ciphers                     "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_ecdh_curve                  secp384r1;
        ssl_session_cache               shared:SSL:10m;
        ssl_session_tickets             off;
        ssl_stapling                    on;
        ssl_stapling_verify             on;
        resolver                        208.67.220.220 208.67.222.222 valid=300s;
        resolver_timeout                5s;
        add_header                      Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
        add_header                      X-Frame-Options SAMEORIGIN;
        add_header                      X-Content-Type-Options nosniff;

        root    /var/www/git/social.pirata.xyz;
        index   index.php;

        location ~ \.php {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php5-fpm-social.pirata.xyz.sock;
        }

        location / {
                try_files       $uri $uri/ @gnusocial;
        }

        location @gnusocial {
                rewrite ^(.*)$ /index.php?p=$1 last;
        }

        location ~ /\.(ht|git) {
                deny all;
        }
    }


## php-fpm

Conteúdo de /etc/php/fpm/pools.d/social.pirata.xyz.conf

    [social]
    
    user = www-data
    group = www-data
    
    listen = /var/run/php5-fpm-social.pirata.xyz.sock
    
    listen.owner = www-data
    listen.group = www-data

    pm = dynamic
    pm.max_children = 5
    pm.start_servers = 2
    pm.min_spare_servers = 1
    pm.max_spare_servers = 3

## mysql

    sudo mysql -p
    > CREATE DATABASE social;
    > GRANT ALL ON social.* TO 'social'@'localhost' IDENTIFIED BY 'social';
    > FLUSH PRIVILEGES;
    > exit
